​

Sandboxes

​

What is a Sandbox?

• Runs your agent code
• Has its own filesystem
• Has network access (egress only)
• Is completely isolated from other sandboxes

​

Per-Request Sandboxes

Request 1 → Sandbox A → Response 1 → Sandbox A destroyed
Request 2 → Sandbox B → Response 2 → Sandbox B destroyed
Request 3 → Sandbox C → Response 3 → Sandbox C destroyed

• Security — No data persists between requests
• Isolation — One request can’t affect another
• Scalability — Parallel requests run in parallel sandboxes

​

Sandbox Lifecycle

​

During Deployment

1. New sandbox created
2. Agent code uploaded
3. npm install executed
4. Secrets injected as environment variables
5. Sandbox kept warm for invocations

​

During Invocation

1. Warm sandbox receives request
2. Agent process started with prompt on stdin
3. Agent executes (Claude + tools)
4. Response captured from stdout
5. Sandbox state reset for next request

​

On Redeploy

1. Old sandbox destroyed
2. New sandbox created with updated code
3. All state from old sandbox is lost

​

Security Model

​

Isolation

• Own filesystem
• Own process namespace
• Own network namespace
• No access to host system

​

Network

​

Filesystem

• Agents can read/write within their sandbox
• No access to other sandboxes
• State does not persist between invocations

​

Resource Limits

​

Preinstalled Software

• Node.js 20
• npm
• git
• Common utilities (curl, wget, etc.)

​

Debugging Sandbox Issues

​

Timeout Errors

1. Check for infinite loops
2. Optimize slow operations
3. Break complex tasks into smaller steps

​

Out of Memory

1. Process data in chunks
2. Avoid loading large files entirely into memory
3. Clean up resources after use

​

Network Errors

1. Check the API is accessible
2. Verify credentials are set as secrets
3. Check for rate limiting

​

E2B vs Other Sandboxing

​

See Also